NADRA Faces Serious Hacking Attacks from United States, India

NADRA, that hosts Pakistan’s most critical database, has gone through serious hack attempts originating from United States, reported Daily Express.

It is still unclear if hack attempts were made by individuals or any US State Agency as report lacks the mention of the responsible organization for these alleged hacking attacks on NADRA.

Without citing any names, the report claims that an official of NADRA confirmed the paper that among various other countries, attacks from United States remains at top in numbers for hacking NADRA’s database. Hacking attempts from Israel and India were also recorded.

Daily Express, while quoting the unnamed NADRA official, claims that hack attempts on NADRA increased notably during near past, however, NADRA is all set with security measures in place to ensure the protection of its database.

Hacking attempts from United States account for 35% of total attacks that NADRA received lately. Attacks from Israel and India contributed 20% each towards the total attacks on the database that contains the private and sensitive information of each Pakistani.

NADRA official was confident that Pakistani data is secure and can not be accessed by any individual or organization despite very organized attacks.

Tech reporter with over 10 years of experience, founder of ProPakistani.PK

2

Shares

Saeed

I think why they are wasting energy and techniques – just give some $ to NADRA persons and they will easily provide whole data of Pakistanis. :)

For Pakistani we have no problem and we don’t care about Country Privacy. :)

Najam

sadly yes.

Najam

sadly yes.

Unknown

reminds me of Mr. Dr. Rehman malik. how in his tenure is ready to share (sale) whole database of Pakistan under the name of Nadra DATABASE to US CIA :/ and now they are trying to hack database of nadra. Don’t know what happened next. On the edge if same shit was done by any Pakistani dn Pakis are trying to attack us Bullshit cyber terrorism.

Khurram ShahzAd

I have also heard from a colleague that Nadra database records were being sold by people on cds in just 200 Rs.

Muhammad Sarmad Saleem

lolx… kaha sy mili gie woh cd :P :D

Khurram ShahzAd

As I said, I just heard it, not sure about authenticity of it. Believe me specially in gov organizations of Pakistan indeed there are some dirty fish who can do anything for money.

Arsalan Shah

Who knows how many times has that happened already?

A few days earlier, after trying to trace some bank robbers via geo fencing, I was told to get details of around 17,000 CNIC’s from NADRA. A NADRA employee asked me for Rs. 40/CNIC and provided me with all the details, including PLACE OF BIRTH & MOTHER’S NAME. Just to mention, I didn’t know that NADRA employee, nor had any source who got me him. I just went to the NADRA office on Peshawar Road (Saddar, RWP) and requested the person sitting on a desk inside. He didn’t even ask for my name, just asked me for money and handed me over that stuff.. Means, anyone can access the database, and buy illegal SIMS, and do whatever they want. Seeing this, I am positive several sleeper cells and RAW/CIA/MOSSAD agents would’ve already gained access to our entire NADRA database…

Gibran Ashraf

geo fencing?

Arsalan Shah

Had a CCTV footage of the robbery, and saw the robbers talking to people at certain times, noted the times and (apparent) duration of the call, and all the mobiles that were connected at those times, in that area, under that signal tower were located and eventually the culprits were caught :)

aamertaimor

It is just like sending Taliban in Afghanistan and mujahdins in Kashmir

Waqas

Srsly WTF?? “NADRA official was confident that Pakistani data is secure and can not be accessed by any individual or organization despite very organized attacks.”

By this statement I’m 101% we’re not safe.

Raja Maja

by the way who is safe………………. an organization without a data “is safe from these attacks”……….which is not possible everyone has some information which is in need of any internal or outer source.

Umair Sharif

NADRA is not the only one. PTCL itself has to endure multiple hack attempts per day, mostly originating in India. The reason for all this is that Pakistan still does not have its own IP core network.

asim

NADRA should be handled by Pak Army. Its very sensitive.

Raja Maja

so you mean Asim you do not have the capability to over any problem. when you stop thinking and working then you starting thinking about Pak Army……………Man present yourself instead asking for the help of army in any situation. do other countries have state of mind? no because they do not lose their heart and keep struggle that is how great nation revive…………..be confident in yourself first.

commando

Nadra is safe and trusted by the world If I am not wrong nadra has contracts for passport processing with Zimbabwe new zealand & african countries also If it was not so safe no country will ever hire it only takes Some merit and professionalism for nadra success And I see it as a good example for pakistan and pakistanis for brighter future

Arsalan Shah

HAHAHAHA, you make me laugh! That was a great joke man, really funny!

P.S. you’re wrong about New Zealand. Do you know, several hospitals in Zimbabwe and African countries purchase medicines and equipment which is NOT certified by WHO and is not fit for public use. It’s their way to purchase the worst systems SIMPLY FOR KICKBACKS, which NADRA would’ve offered them with open heart…

Faheem

I am not sure if Pak Army has secure network. They have mentality to keep their network isolated from the internet and we are secure.

Why on earth they have connected their databases to internet? The ones carrying the citizen data.

Khurram ShahzAd

Why on earth they have connected their databases to internet? The ones carrying the citizen data.

Mobilink Postpaid User

Its a good point

Arsalan Shah

Man, they need to access database in several cities and countries. Everywhere, whenever someone applies for a renewal/modification of CNIC or Passport, or anything related to NADRA, the request is routed from that country/city to the NADRA database in Pakistan, which can only happen via THE INTERNET. And NADRA doesn’t really believe in secret cables, or heavy encryptions. They’re still living in stone age.

Bilal Iqbal

If u people dont know then why crying over it. Nadra has own satellite connections and dedicated secure dsl by ptcl. Network is monitored 24/7 with latest tools. No direct connection of internet is used/allowed. Headoffoice has some servers connected with internet for specific services like esahulat. email .Vetification system. Border management system and some others. And folks about copying data is not feasible because it is whole dataware house with huge databases encrypted and secured.

ScarletCrimson

“It is still unclear if hack attempts were made by individuals or any US State Agency as report lacks the mention of the responsible organization for these alleged hacking attacks on NADRA.”

Let’s get real here, any US, Israeli or any other country’s civilian/individual would have no use for NADRA database (case in point: eb0z, the hacker who got into NADRA’s servers. Only did it to prove a point, not to use their database). Their state agencies however, are a whole different ball game, read: http://www.haaretz.com/news/diplomacy-defense/1.534728

Not to mention, NADRA only knows about the attacks that it was able to stop, what about the attacks it wasn’t able to stop? Iran didn’t know about the Flame virus in its sensitive computers until Kaspersky identified it AT LEAST 2 years later (http://en.wikipedia.org/wiki/Flame_(malware) ). If a Turkish individual can hack NADRA’s database (again, eb0z), then their security measures have NO chance against the attacks from NSA, Mossad, etc., they’re most definitely compromised.

Dr. Aamir Liaquat Hussain

kia koi bta sakta ha k NADRA ka idara kis nay bnaya tha?

Bilal Iqbal

People are very confused and concious about NADRA… and it is mostly due to Snowden leaks but i, being a part of NADRA knows that security measures are upto the mark. Their are multiple servers with different kind of data and connectibity i.e interanet and internet. Also teradata is official partner with world best datawarehousing solutions. Security departement is also there to monitor whole network. So be relaxed. We do care ehat we have….

“Trying to hack nadra database” shows me the depth of author understanding about pentesting and cyber security … Please read a subject before writing like this.

nothing new

bhai, he is not as capable and educated as you are. Please spare the poor lad. Pretty please? And what is pentesting? Where we test our pens prior to an exam? And cyber security? Why are you making life harder for us :) ?

adil

Pentrating test not that adult version its computer version ever heard of backtrack its that sh**

If the attempts were directed at disrupting the system then maybe its understandable, but if they just wanted to know the home address, ph no and kids details then I am sure they can think of more important things to do than this ….. :-)

Ali Khan

If the attempts were directed at disrupting the system then maybe its understandable, but if they just wanted to know the home address, ph no and kids details then I am sure they can think of more important things to do than this ….. :-)

Maqsood

Nothing is secure on the Internet

A Pakistani

Nadra has a very secure and encrypted database, they do transmit the data from different locations to their HQ in Islamabad, all transmission is encrypted, its not open to air kind of transmission. I have worked with their security service for several years, and i can assure you guys its not an easy job to hack NADRA DB. Hackers attack everything, from NADRA to CIA, nothing new in it. However we should not defame our country without any reason.

Nothing new

You dont even know the name of their so-called security department. I am sure, by “security service”, you mean security guards’ service. Besides, you do not know whether its Nadra’s “database”, or datawarehouse, that houses citizen data. Arent Propakistani admins surprised that so many NADRA employees were their regular readers? And that they disclosed themselves as soon as this blog post appeared?

Bilal Iqbal

He is true while you are just kidding. We have our own “information security” departement having tools and skills to tackle threats. And what about being Nadra employee. I feel proud on my departement and you are just thinking negative instead of knowing whole picture…